OpenCloudOS-Kernel/drivers
Harald Freudenberger f2bbc96e7c s390/pkey: add CCA AES cipher key support
Introduce new ioctls and structs to be used with these new ioctls
which are able to handle CCA AES secure keys and CCA AES cipher keys:

PKEY_GENSECK2: Generate secure key, version 2.
  Generate either a CCA AES secure key or a CCA AES cipher key.

PKEY_CLR2SECK2: Generate secure key from clear key value, version 2.
  Construct a CCA AES secure key or CCA AES cipher key from a given
  clear key value.

PKEY_VERIFYKEY2: Verify the given secure key, version 2.
  Check for correct key type. If cardnr and domain are given, also
  check if this apqn is able to handle this type of key. If cardnr and
  domain are 0xFFFF, on return these values are filled with an apqn
  able to handle this key. The function also checks for the master key
  verification patterns of the key matching to the current or
  alternate mkvp of the apqn. CCA AES cipher keys are also checked
  for CPACF export allowed (CPRTCPAC flag). Currently CCA AES secure
  keys and CCA AES cipher keys are supported (may get extended in the
  future).

PKEY_KBLOB2PROTK2: Transform a key blob (of any type) into
  a protected key, version 2. Difference to version 1 is only that
  this new ioctl has additional parameters to provide a list of
  apqns to be used for the transformation.

PKEY_APQNS4K: Generate a list of APQNs based on the key blob given.
  Is able to find out which type of secure key is given (CCA AES
  secure key or CCA AES cipher key) and tries to find all matching
  crypto cards based on the MKVP and maybe other criterias (like CCA
  AES cipher keys need a CEX6C or higher). The list of APQNs is
  further filtered by the key's mkvp which needs to match to either
  the current mkvp or the alternate mkvp (which is the old mkvp on CCA
  adapters) of the apqns. The flags argument may be used to limit the
  matching apqns. If the PKEY_FLAGS_MATCH_CUR_MKVP is given, only the
  current mkvp of each apqn is compared. Likewise with the
  PKEY_FLAGS_MATCH_ALT_MKVP. If both are given it is assumed to return
  apqns where either the current or the alternate mkvp matches. If no
  matching APQN is found, the ioctl returns with 0 but the
  apqn_entries value is 0.

PKEY_APQNS4KT: Generate a list of APQNs based on the key type given.
  Build a list of APQNs based on the given key type and maybe further
  restrict the list by given master key verification patterns.
  For different key types there may be different ways to match the
  master key verification patterns. For CCA keys (CCA data key and CCA
  cipher key) the first 8 bytes of cur_mkvp refer to the current mkvp
  value of the apqn and the first 8 bytes of the alt_mkvp refer to the
  old mkvp. The flags argument controls if the apqns current and/or
  alternate mkvp should match. If the PKEY_FLAGS_MATCH_CUR_MKVP is
  given, only the current mkvp of each apqn is compared. Likewise with
  the PKEY_FLAGS_MATCH_ALT_MKVP. If both are given, it is assumed to
  return apqns where either the current or the alternate mkvp
  matches. If no matching APQN is found, the ioctl returns with 0 but
  the apqn_entries value is 0.

These new ioctls are now prepared for another new type of secure key
blob which may come in the future. They all use a pointer to the key
blob and a key blob length information instead of some hardcoded byte
array. They all use the new enums pkey_key_type, pkey_key_size and
pkey_key_info for getting/setting key type, key size and additional
info about the key. All but the PKEY_VERIFY2 ioctl now work based on a
list of apqns. This list is walked through trying to perform the
operation on exactly this apqn without any further checking (like card
type or online state). If the apqn fails, simple the next one in the
list is tried until success (return 0) or the end of the list is
reached (return -1 with errno ENODEV). All apqns in the list need to
be exact apqns (0xFFFF as any card or domain is not allowed). There
are two new ioctls which can be used to build a list of apqns based on
a key or key type and maybe restricted by match to a current or
alternate master key verifcation pattern.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:54 +02:00
..
accessibility
acpi libnvdimm fixes v5.3-rc2 2019-07-27 08:25:51 -07:00
amba Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
android binder: prevent transactions to context manager from its own process. 2019-07-24 11:02:28 +02:00
ata ata: libahci_platform: remove redundant dev_err message 2019-07-16 08:27:09 -06:00
atm atm: idt77252: Remove call to memset after dma_alloc_coherent 2019-07-15 11:06:27 -07:00
auxdisplay It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
base Char/Misc driver fixes for 5.3-rc2 2019-07-28 10:26:10 -07:00
bcma
block for-linus-20190726 2019-07-26 10:32:12 -07:00
bluetooth Bluetooth: btusb: Add protocol support for MediaTek MT7663U USB devices 2019-07-06 21:44:25 +02:00
bus ARM: SoC-related driver updates 2019-07-19 17:13:56 -07:00
cdrom
char hpet: Fix division by zero in hpet_time_div() 2019-07-25 14:39:51 +02:00
clk This round of clk driver and framework updates is heavy on the driver update 2019-07-17 10:07:48 -07:00
clocksource clocksource/drivers/npcm: Fix misuse of GENMASK macro 2019-07-10 11:05:26 +02:00
connector connector: remove redundant input callback from cn_dev 2019-07-21 13:31:14 -07:00
counter Staging / IIO driver update for 5.3-rc1 2019-07-11 15:36:02 -07:00
cpufreq cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() 2019-07-23 09:49:10 +02:00
cpuidle Merge branch 'pm-cpufreq' 2019-07-18 09:49:30 +02:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-19 12:23:37 -07:00
dax Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
dca
devfreq
dio
dma dmaengine updates for v5.3-rc1 2019-07-17 09:55:43 -07:00
dma-buf Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
edac
eisa
extcon
firewire firewire: mark expected switch fall-throughs 2019-07-25 20:09:37 -05:00
firmware Merge branch 'for-linus-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/ibft 2019-07-26 09:43:43 -07:00
fpga fpga-manager: altera-ps-spi: Fix build error 2019-07-24 11:29:41 +02:00
fsi
gnss
gpio GPIO fixes for the v5.3 merge window: 2019-07-17 13:05:21 -07:00
gpu Wimplicit-fallthrough patches for 5.3-rc2 2019-07-27 11:04:18 -07:00
hid Linux 5.2 2019-07-15 09:42:32 -07:00
hsi
hv proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
hwmon hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 2019-07-21 19:18:45 -07:00
hwspinlock
hwtracing coresight: Make the coresight_device_fwnode_match declaration's fwnode parameter const 2019-07-12 14:42:05 -07:00
i2c docs: fix broken doc references due to renames 2019-07-17 06:57:51 -03:00
i3c * Drop support for 10-bit I2C addresses 2019-07-09 09:04:31 -07:00
ide It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
idle
iio Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
infiniband SCSI fixes on 20190720 2019-07-20 10:04:58 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-07-20 12:22:30 -07:00
interconnect
iommu iommu/amd: Add support for X2APIC IOMMU interrupts 2019-07-23 17:41:52 +02:00
ipack TTY / Serial driver updates for 5.3-rc1 2019-07-11 15:38:21 -07:00
irqchip irqchip/gic-v3-its: Fix misuse of GENMASK macro 2019-07-10 11:04:17 +02:00
isdn ISDN: hfcsusb: checking idx of ep configuration 2019-07-15 11:10:31 -07:00
leds LED updates for 5.3-rc1 2019-07-09 08:59:39 -07:00
lightnvm
macintosh powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
mailbox - stm32: race fix by adding a spinlock 2019-07-14 16:36:51 -07:00
mcb
md for-linus-20190726 2019-07-26 10:32:12 -07:00
media media updates for v5.3-rc1 2019-07-22 09:01:47 -07:00
memory Kbuild updates for v5.3 (2nd) 2019-07-20 09:34:55 -07:00
memstick MMC core: 2019-07-11 18:11:21 -07:00
message SCSI misc on 20190709 2019-07-11 15:14:01 -07:00
mfd - Core Frameworks 2019-07-15 20:18:40 -07:00
misc eeprom: make older eeprom drivers select NVMEM_SYSFS 2019-07-25 14:39:51 +02:00
mmc MMC core: 2019-07-11 18:11:21 -07:00
mtd mtd: onenand_base: Mark expected switch fall-through 2019-07-25 20:09:54 -05:00
mux
net Wimplicit-fallthrough patches for 5.3-rc2 2019-07-27 11:04:18 -07:00
nfc nfc: st-nci: remove redundant assignment to variable r 2019-07-02 12:00:50 -07:00
ntb New feature to add support for NTB virtual MSI interrupts, the ability 2019-07-21 09:46:59 -07:00
nubus
nvdimm libnvdimm fixes v5.3-rc2 2019-07-27 08:25:51 -07:00
nvme Revert "nvme-pci: don't create a read hctx mapping without read queues" 2019-07-23 17:47:02 +02:00
nvmem Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
of virtio, vhost: fixes, features, performance 2019-07-17 11:26:09 -07:00
opp pci-v5.3-changes 2019-07-15 20:44:49 -07:00
oprofile vfs: Convert oprofilefs to use the new mount API 2019-07-04 22:01:59 -04:00
parisc
parport It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
pci New feature to add support for NTB virtual MSI interrupts, the ability 2019-07-21 09:46:59 -07:00
pcmcia It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
perf docs: perf: move to the admin-guide 2019-07-15 09:20:27 -03:00
phy phy: for 5.3 2019-07-01 15:04:59 +02:00
pinctrl This is the bulk of pin control changes for the v5.3 kernel 2019-07-13 15:02:27 -07:00
platform platform/x86: asus: Rename "fan mode" to "fan boost mode" 2019-07-17 19:07:58 +03:00
pnp docs: driver-api: add a series of orphaned documents 2019-07-15 11:03:02 -03:00
power power supply and reset changes for the v5.3 series 2019-07-15 21:06:15 -07:00
powercap powercap: Invoke powercap_init() and rapl_init() earlier 2019-07-22 11:23:00 +02:00
pps drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl 2019-07-16 19:23:24 -07:00
ps3
ptp
pwm pwm: Changes for v5.3-rc1 2019-07-09 08:57:45 -07:00
rapidio Merge branch 'akpm' (patches from Andrew) 2019-07-17 08:58:04 -07:00
ras
regulator - Core Frameworks 2019-07-15 20:18:40 -07:00
remoteproc remoteproc updates for v5.3 2019-07-17 11:44:41 -07:00
reset ARM: SoC-related driver updates 2019-07-19 17:13:56 -07:00
rpmsg
rtc RTC for 5.3 2019-07-17 10:03:50 -07:00
s390 s390/pkey: add CCA AES cipher key support 2019-08-21 12:58:54 +02:00
sbus
scsi SCSI fixes on 20190726 2019-07-26 14:20:28 -07:00
sfi
sh
siox
slimbus
sn
soc Merge branch 'pdf_fixes_v1' of https://git.linuxtv.org/mchehab/experimental into mauro 2019-07-22 13:51:20 -06:00
soundwire soundwire updates for v5.3-rc1 2019-07-05 08:15:08 +02:00
spi Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
spmi
ssb
staging docs conversion for v5.3-rc1 2019-07-16 12:21:41 -07:00
target scsi: target: cxgbit: add support for IEEE_8021QAZ_APP_SEL_STREAM selector 2019-07-22 17:04:20 -04:00
tc
tee
thermal int340X/processor_thermal_device: Fix proc_thermal_rapl_remove() 2019-07-23 09:36:07 +02:00
thunderbolt Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
tty TTY fixes for 5.3-rc2 2019-07-28 10:18:33 -07:00
uio
usb xhci: Fix crash if scatter gather is used with Immediate Data Transfer (IDT). 2019-07-25 11:26:42 +02:00
uwb
vfio VFIO updates for v5.3-rc1 2019-07-17 11:23:13 -07:00
vhost virtio, vhost: fixes, features, performance 2019-07-17 11:26:09 -07:00
video - New Functionality 2019-07-16 09:25:04 -07:00
virt
virtio Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
visorbus
vlynq
vme
w1 docs: driver-api: add a series of orphaned documents 2019-07-15 11:03:02 -03:00
watchdog watchdog: digicolor_wdt: Remove unused variable in dc_wdt_probe 2019-07-15 08:49:11 +02:00
xen xen: fixes and features for 5.3-rc1 2019-07-19 11:41:26 -07:00
zorro
Kconfig
Makefile